1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 // This test uses the safebrowsing test server published at
6 // http://code.google.com/p/google-safe-browsing/ to test the safebrowsing
7 // protocol implemetation. Details of the safebrowsing testing flow is
9 // http://code.google.com/p/google-safe-browsing/wiki/ProtocolTesting
11 // This test launches safebrowsing test server and issues several update
12 // requests against that server. Each update would get different data and after
13 // each update, the test will get a list of URLs from the test server to verify
14 // its repository. The test will succeed only if all updates are performed and
15 // URLs match what the server expected.
19 #include "base/bind.h"
20 #include "base/command_line.h"
21 #include "base/environment.h"
22 #include "base/path_service.h"
23 #include "base/strings/string_number_conversions.h"
24 #include "base/strings/string_split.h"
25 #include "base/strings/stringprintf.h"
26 #include "base/strings/utf_string_conversions.h"
27 #include "base/synchronization/lock.h"
28 #include "base/test/test_timeouts.h"
29 #include "base/threading/platform_thread.h"
30 #include "base/threading/thread.h"
31 #include "base/time/time.h"
32 #include "chrome/browser/browser_process.h"
33 #include "chrome/browser/chrome_notification_types.h"
34 #include "chrome/browser/profiles/profile.h"
35 #include "chrome/browser/safe_browsing/database_manager.h"
36 #include "chrome/browser/safe_browsing/local_safebrowsing_test_server.h"
37 #include "chrome/browser/safe_browsing/protocol_manager.h"
38 #include "chrome/browser/safe_browsing/safe_browsing_service.h"
39 #include "chrome/browser/ui/browser.h"
40 #include "chrome/common/chrome_switches.h"
41 #include "chrome/common/url_constants.h"
42 #include "chrome/test/base/in_process_browser_test.h"
43 #include "content/public/browser/browser_context.h"
44 #include "content/public/test/test_browser_thread.h"
45 #include "content/public/test/test_utils.h"
46 #include "net/base/load_flags.h"
47 #include "net/dns/host_resolver.h"
48 #include "net/log/net_log.h"
49 #include "net/test/python_utils.h"
50 #include "net/url_request/url_fetcher.h"
51 #include "net/url_request/url_fetcher_delegate.h"
52 #include "net/url_request/url_request_status.h"
53 #include "testing/gtest/include/gtest/gtest.h"
55 using content::BrowserThread
;
59 const base::FilePath::CharType kDataFile
[] =
60 FILE_PATH_LITERAL("testing_input_nomac.dat");
61 const char kUrlVerifyPath
[] = "safebrowsing/verify_urls";
62 const char kDBVerifyPath
[] = "safebrowsing/verify_database";
63 const char kTestCompletePath
[] = "test_complete";
67 std::string list_name
;
71 // Parses server response for verify_urls. The expected format is:
73 // first.random.url.com/ internal-test-shavar yes
74 // second.random.url.com/ internal-test-shavar yes
76 bool ParsePhishingUrls(const std::string
& data
,
77 std::vector
<PhishingUrl
>* phishing_urls
) {
81 std::vector
<std::string
> urls
;
82 base::SplitString(data
, '\n', &urls
);
83 for (size_t i
= 0; i
< urls
.size(); ++i
) {
86 PhishingUrl phishing_url
;
87 std::vector
<std::string
> record_parts
;
88 base::SplitString(urls
[i
], '\t', &record_parts
);
89 if (record_parts
.size() != 3) {
90 LOG(ERROR
) << "Unexpected URL format in phishing URL list: "
94 phishing_url
.url
= std::string(url::kHttpScheme
) + "://" + record_parts
[0];
95 phishing_url
.list_name
= record_parts
[1];
96 if (record_parts
[2] == "yes") {
97 phishing_url
.is_phishing
= true;
98 } else if (record_parts
[2] == "no") {
99 phishing_url
.is_phishing
= false;
101 LOG(ERROR
) << "Unrecognized expectation in " << urls
[i
]
102 << ": " << record_parts
[2];
105 phishing_urls
->push_back(phishing_url
);
110 class FakeSafeBrowsingService
: public SafeBrowsingService
{
112 explicit FakeSafeBrowsingService(const std::string
& url_prefix
)
113 : url_prefix_(url_prefix
) {}
115 SafeBrowsingProtocolConfig
GetProtocolConfig() const override
{
116 SafeBrowsingProtocolConfig config
;
117 config
.url_prefix
= url_prefix_
;
118 // Makes sure the auto update is not triggered. The tests will force the
119 // update when needed.
120 config
.disable_auto_update
= true;
121 #if defined(OS_ANDROID)
122 config
.disable_connection_check
= true;
124 config
.client_name
= "browser_tests";
129 ~FakeSafeBrowsingService() override
{}
131 std::string url_prefix_
;
133 DISALLOW_COPY_AND_ASSIGN(FakeSafeBrowsingService
);
136 // Factory that creates FakeSafeBrowsingService instances.
137 class TestSafeBrowsingServiceFactory
: public SafeBrowsingServiceFactory
{
139 explicit TestSafeBrowsingServiceFactory(const std::string
& url_prefix
)
140 : url_prefix_(url_prefix
) {}
142 SafeBrowsingService
* CreateSafeBrowsingService() override
{
143 return new FakeSafeBrowsingService(url_prefix_
);
147 std::string url_prefix_
;
152 // This starts the browser and keeps status of states related to SafeBrowsing.
153 class SafeBrowsingServerTest
: public InProcessBrowserTest
{
155 SafeBrowsingServerTest()
156 : safe_browsing_service_(NULL
),
157 is_database_ready_(true),
158 is_update_scheduled_(false),
159 is_checked_url_in_db_(false),
160 is_checked_url_safe_(false) {
163 ~SafeBrowsingServerTest() override
{}
165 void UpdateSafeBrowsingStatus() {
166 ASSERT_TRUE(safe_browsing_service_
);
167 base::AutoLock
lock(update_status_mutex_
);
168 last_update_
= safe_browsing_service_
->protocol_manager_
->last_update();
169 is_update_scheduled_
=
170 safe_browsing_service_
->protocol_manager_
->update_timer_
.IsRunning();
174 content::WindowedNotificationObserver
observer(
175 chrome::NOTIFICATION_SAFE_BROWSING_UPDATE_COMPLETE
,
176 content::Source
<SafeBrowsingDatabaseManager
>(database_manager()));
177 BrowserThread::PostTask(BrowserThread::IO
, FROM_HERE
,
178 base::Bind(&SafeBrowsingServerTest::ForceUpdateOnIOThread
,
183 void ForceUpdateOnIOThread() {
184 EXPECT_TRUE(BrowserThread::CurrentlyOn(BrowserThread::IO
));
185 ASSERT_TRUE(safe_browsing_service_
);
186 safe_browsing_service_
->protocol_manager_
->ForceScheduleNextUpdate(
187 base::TimeDelta::FromSeconds(0));
190 void CheckIsDatabaseReady() {
191 base::AutoLock
lock(update_status_mutex_
);
192 is_database_ready_
= !database_manager()->database_update_in_progress_
;
195 void CheckUrl(SafeBrowsingDatabaseManager::Client
* helper
, const GURL
& url
) {
196 ASSERT_TRUE(safe_browsing_service_
);
197 base::AutoLock
lock(update_status_mutex_
);
198 if (database_manager()->CheckBrowseUrl(url
, helper
)) {
199 is_checked_url_in_db_
= false;
200 is_checked_url_safe_
= true;
202 // In this case, Safebrowsing service will fetch the full hash
203 // from the server and examine that. Once it is done,
204 // set_is_checked_url_safe() will be called via callback.
205 is_checked_url_in_db_
= true;
209 SafeBrowsingDatabaseManager
* database_manager() {
210 return safe_browsing_service_
->database_manager().get();
213 bool is_checked_url_in_db() {
214 base::AutoLock
l(update_status_mutex_
);
215 return is_checked_url_in_db_
;
218 void set_is_checked_url_safe(bool safe
) {
219 base::AutoLock
l(update_status_mutex_
);
220 is_checked_url_safe_
= safe
;
223 bool is_checked_url_safe() {
224 base::AutoLock
l(update_status_mutex_
);
225 return is_checked_url_safe_
;
228 bool is_database_ready() {
229 base::AutoLock
l(update_status_mutex_
);
230 return is_database_ready_
;
233 base::Time
last_update() {
234 base::AutoLock
l(update_status_mutex_
);
238 bool is_update_scheduled() {
239 base::AutoLock
l(update_status_mutex_
);
240 return is_update_scheduled_
;
243 scoped_refptr
<base::SequencedTaskRunner
> SafeBrowsingTaskRunner() {
244 return database_manager()->safe_browsing_task_runner_
;
247 const net::SpawnedTestServer
& test_server() const {
248 return *test_server_
;
252 bool InitSafeBrowsingService() {
253 safe_browsing_service_
= g_browser_process
->safe_browsing_service();
254 return safe_browsing_service_
!= NULL
;
257 void SetUp() override
{
258 base::FilePath datafile_path
;
259 ASSERT_TRUE(PathService::Get(base::DIR_SOURCE_ROOT
, &datafile_path
));
261 datafile_path
= datafile_path
.Append(FILE_PATH_LITERAL("third_party"))
262 .Append(FILE_PATH_LITERAL("safe_browsing"))
263 .Append(FILE_PATH_LITERAL("testing"))
265 test_server_
.reset(new LocalSafeBrowsingTestServer(datafile_path
));
266 ASSERT_TRUE(test_server_
->Start());
267 LOG(INFO
) << "server is " << test_server_
->host_port_pair().ToString();
269 // Point to the testing server for all SafeBrowsing requests.
270 std::string url_prefix
= test_server_
->GetURL("safebrowsing").spec();
271 sb_factory_
.reset(new TestSafeBrowsingServiceFactory(url_prefix
));
272 SafeBrowsingService::RegisterFactory(sb_factory_
.get());
274 InProcessBrowserTest::SetUp();
277 void TearDown() override
{
278 InProcessBrowserTest::TearDown();
280 SafeBrowsingService::RegisterFactory(NULL
);
283 void SetUpCommandLine(base::CommandLine
* command_line
) override
{
284 // This test uses loopback. No need to use IPv6 especially it makes
285 // local requests slow on Windows trybot when ipv6 local address [::1]
287 command_line
->AppendSwitch(switches::kDisableIPv6
);
289 // TODO(lzheng): The test server does not understand download related
290 // requests. We need to fix the server.
291 command_line
->AppendSwitch(switches::kSbDisableDownloadProtection
);
293 // TODO(gcasto): Generate new testing data that includes the
294 // client-side phishing whitelist.
295 command_line
->AppendSwitch(
296 switches::kDisableClientSidePhishingDetection
);
298 // TODO(kalman): Generate new testing data that includes the extension
300 command_line
->AppendSwitch(switches::kSbDisableExtensionBlacklist
);
302 // TODO(tburkard): Generate new testing data that includes the side-effect
304 command_line
->AppendSwitch(switches::kSbDisableSideEffectFreeWhitelist
);
307 void SetTestStep(int step
) {
308 std::string test_step
= base::StringPrintf("test_step=%d", step
);
309 safe_browsing_service_
->protocol_manager_
->set_additional_query(test_step
);
313 scoped_ptr
<TestSafeBrowsingServiceFactory
> sb_factory_
;
315 SafeBrowsingService
* safe_browsing_service_
;
317 scoped_ptr
<net::SpawnedTestServer
> test_server_
;
319 // Protects all variables below since they are read on UI thread
320 // but updated on IO thread or safebrowsing thread.
321 base::Lock update_status_mutex_
;
323 // States associated with safebrowsing service updates.
324 bool is_database_ready_
;
325 base::Time last_update_
;
326 bool is_update_scheduled_
;
327 // Indicates if there is a match between a URL's prefix and safebrowsing
328 // database (thus potentially it is a phishing URL).
329 bool is_checked_url_in_db_
;
330 // True if last verified URL is not a phishing URL and thus it is safe.
331 bool is_checked_url_safe_
;
333 DISALLOW_COPY_AND_ASSIGN(SafeBrowsingServerTest
);
336 // A ref counted helper class that handles callbacks between IO thread and UI
338 class SafeBrowsingServerTestHelper
339 : public base::RefCountedThreadSafe
<SafeBrowsingServerTestHelper
>,
340 public SafeBrowsingDatabaseManager::Client
,
341 public net::URLFetcherDelegate
{
343 SafeBrowsingServerTestHelper(SafeBrowsingServerTest
* safe_browsing_test
,
344 net::URLRequestContextGetter
* request_context
)
345 : safe_browsing_test_(safe_browsing_test
),
346 response_status_(net::URLRequestStatus::FAILED
),
347 request_context_(request_context
) {
350 // Callbacks for SafeBrowsingDatabaseManager::Client.
351 void OnCheckBrowseUrlResult(const GURL
& url
,
352 SBThreatType threat_type
,
353 const std::string
& metadata
) override
{
354 EXPECT_TRUE(BrowserThread::CurrentlyOn(BrowserThread::IO
));
355 EXPECT_TRUE(safe_browsing_test_
->is_checked_url_in_db());
356 safe_browsing_test_
->set_is_checked_url_safe(
357 threat_type
== SB_THREAT_TYPE_SAFE
);
358 BrowserThread::PostTask(BrowserThread::UI
, FROM_HERE
,
359 base::Bind(&SafeBrowsingServerTestHelper::OnCheckUrlDone
, this));
362 virtual void OnBlockingPageComplete(bool proceed
) {
363 NOTREACHED() << "Not implemented.";
366 // Functions and callbacks related to CheckUrl. These are used to verify
368 void CheckUrl(const GURL
& url
) {
369 BrowserThread::PostTask(BrowserThread::IO
, FROM_HERE
,
370 base::Bind(&SafeBrowsingServerTestHelper::CheckUrlOnIOThread
,
372 content::RunMessageLoop();
374 void CheckUrlOnIOThread(const GURL
& url
) {
375 EXPECT_TRUE(BrowserThread::CurrentlyOn(BrowserThread::IO
));
376 safe_browsing_test_
->CheckUrl(this, url
);
377 if (!safe_browsing_test_
->is_checked_url_in_db()) {
378 // Ends the checking since this URL's prefix is not in database.
379 BrowserThread::PostTask(BrowserThread::UI
, FROM_HERE
,
380 base::Bind(&SafeBrowsingServerTestHelper::OnCheckUrlDone
, this));
382 // Otherwise, OnCheckUrlDone is called in OnUrlCheckResult since
383 // safebrowsing service further fetches hashes from safebrowsing server.
386 void OnCheckUrlDone() {
390 // Updates status from IO Thread.
391 void CheckStatusOnIOThread() {
392 EXPECT_TRUE(BrowserThread::CurrentlyOn(BrowserThread::IO
));
393 safe_browsing_test_
->UpdateSafeBrowsingStatus();
394 safe_browsing_test_
->SafeBrowsingTaskRunner()->PostTask(
396 base::Bind(&SafeBrowsingServerTestHelper::CheckIsDatabaseReady
, this));
399 // Checks status in SafeBrowsing Thread.
400 void CheckIsDatabaseReady() {
401 EXPECT_TRUE(safe_browsing_test_
->SafeBrowsingTaskRunner()
402 ->RunsTasksOnCurrentThread());
403 safe_browsing_test_
->CheckIsDatabaseReady();
404 BrowserThread::PostTask(BrowserThread::UI
, FROM_HERE
,
405 base::Bind(&SafeBrowsingServerTestHelper::OnWaitForStatusUpdateDone
,
409 void OnWaitForStatusUpdateDone() {
413 // Update safebrowsing status.
414 void UpdateStatus() {
415 BrowserThread::PostTask(
418 base::Bind(&SafeBrowsingServerTestHelper::CheckStatusOnIOThread
, this));
419 // Will continue after OnWaitForStatusUpdateDone().
420 content::RunMessageLoop();
423 // Calls test server to fetch database for verification.
424 net::URLRequestStatus::Status
FetchDBToVerify(
425 const net::SpawnedTestServer
& test_server
,
427 // TODO(lzheng): Remove chunk_type=add once it is not needed by the server.
428 std::string path
= base::StringPrintf(
429 "%s?client=chromium&appver=1.0&pver=3.0&test_step=%d&chunk_type=add",
430 kDBVerifyPath
, test_step
);
431 return FetchUrl(test_server
.GetURL(path
));
434 // Calls test server to fetch URLs for verification.
435 net::URLRequestStatus::Status
FetchUrlsToVerify(
436 const net::SpawnedTestServer
& test_server
,
438 std::string path
= base::StringPrintf(
439 "%s?client=chromium&appver=1.0&pver=3.0&test_step=%d",
440 kUrlVerifyPath
, test_step
);
441 return FetchUrl(test_server
.GetURL(path
));
444 // Calls test server to check if test data is done. E.g.: if there is a
445 // bad URL that server expects test to fetch full hash but the test didn't,
446 // this verification will fail.
447 net::URLRequestStatus::Status
VerifyTestComplete(
448 const net::SpawnedTestServer
& test_server
,
450 std::string path
= base::StringPrintf(
451 "%s?test_step=%d", kTestCompletePath
, test_step
);
452 return FetchUrl(test_server
.GetURL(path
));
455 // Callback for URLFetcher.
456 void OnURLFetchComplete(const net::URLFetcher
* source
) override
{
457 source
->GetResponseAsString(&response_data_
);
458 response_status_
= source
->GetStatus().status();
462 const std::string
& response_data() {
463 return response_data_
;
467 friend class base::RefCountedThreadSafe
<SafeBrowsingServerTestHelper
>;
468 ~SafeBrowsingServerTestHelper() override
{}
470 // Stops UI loop after desired status is updated.
472 EXPECT_TRUE(BrowserThread::CurrentlyOn(BrowserThread::UI
));
473 base::MessageLoopForUI::current()->Quit();
476 // Fetch a URL. If message_loop_started is true, starts the message loop
477 // so the caller could wait till OnURLFetchComplete is called.
478 net::URLRequestStatus::Status
FetchUrl(const GURL
& url
) {
479 url_fetcher_
.reset(net::URLFetcher::Create(
480 url
, net::URLFetcher::GET
, this));
481 url_fetcher_
->SetLoadFlags(net::LOAD_DISABLE_CACHE
);
482 url_fetcher_
->SetRequestContext(request_context_
);
483 url_fetcher_
->Start();
484 content::RunMessageLoop();
485 return response_status_
;
488 base::OneShotTimer
<SafeBrowsingServerTestHelper
> check_update_timer_
;
489 SafeBrowsingServerTest
* safe_browsing_test_
;
490 scoped_ptr
<net::URLFetcher
> url_fetcher_
;
491 std::string response_data_
;
492 net::URLRequestStatus::Status response_status_
;
493 net::URLRequestContextGetter
* request_context_
;
494 DISALLOW_COPY_AND_ASSIGN(SafeBrowsingServerTestHelper
);
497 // TODO(shess): Disabled pending new data for third_party/safe_browsing/testing/
498 IN_PROC_BROWSER_TEST_F(SafeBrowsingServerTest
,
499 DISABLED_SafeBrowsingServerTest
) {
500 LOG(INFO
) << "Start test";
501 ASSERT_TRUE(InitSafeBrowsingService());
503 net::URLRequestContextGetter
* request_context
=
504 browser()->profile()->GetRequestContext();
505 scoped_refptr
<SafeBrowsingServerTestHelper
> safe_browsing_helper(
506 new SafeBrowsingServerTestHelper(this, request_context
));
509 // Waits and makes sure safebrowsing update is not happening.
510 // The wait will stop once OnWaitForStatusUpdateDone in
511 // safe_browsing_helper is called and status from safe_browsing_service_
513 safe_browsing_helper
->UpdateStatus();
514 EXPECT_TRUE(is_database_ready());
515 EXPECT_FALSE(is_update_scheduled());
516 EXPECT_TRUE(last_update().is_null());
517 // Starts updates. After each update, the test will fetch a list of URLs with
518 // expected results to verify with safebrowsing service. If there is no error,
519 // the test moves on to the next step to get more update chunks.
520 // This repeats till there is no update data.
521 for (int step
= 1;; step
++) {
522 // Every step should be a fresh start.
523 SCOPED_TRACE(base::StringPrintf("step=%d", step
));
524 EXPECT_TRUE(is_database_ready());
525 EXPECT_FALSE(is_update_scheduled());
527 // Starts safebrowsing update on IO thread. Waits till scheduled
529 base::Time now
= base::Time::Now();
533 safe_browsing_helper
->UpdateStatus();
534 EXPECT_TRUE(is_database_ready());
535 EXPECT_FALSE(is_update_scheduled());
536 EXPECT_FALSE(last_update().is_null());
537 if (last_update() < now
) {
538 // This means no data available anymore.
542 // Fetches URLs to verify and waits till server responses with data.
543 EXPECT_EQ(net::URLRequestStatus::SUCCESS
,
544 safe_browsing_helper
->FetchUrlsToVerify(test_server(), step
));
546 std::vector
<PhishingUrl
> phishing_urls
;
547 EXPECT_TRUE(ParsePhishingUrls(safe_browsing_helper
->response_data(),
549 EXPECT_GT(phishing_urls
.size(), 0U);
550 for (size_t j
= 0; j
< phishing_urls
.size(); ++j
) {
551 // Verifes with server if a URL is a phishing URL and waits till server
553 safe_browsing_helper
->CheckUrl(GURL(phishing_urls
[j
].url
));
554 if (phishing_urls
[j
].is_phishing
) {
555 EXPECT_TRUE(is_checked_url_in_db())
556 << phishing_urls
[j
].url
557 << " is_phishing: " << phishing_urls
[j
].is_phishing
558 << " test step: " << step
;
559 EXPECT_FALSE(is_checked_url_safe())
560 << phishing_urls
[j
].url
561 << " is_phishing: " << phishing_urls
[j
].is_phishing
562 << " test step: " << step
;
564 EXPECT_TRUE(is_checked_url_safe())
565 << phishing_urls
[j
].url
566 << " is_phishing: " << phishing_urls
[j
].is_phishing
567 << " test step: " << step
;
570 // TODO(lzheng): We should verify the fetched database with local
571 // database to make sure they match.
572 EXPECT_EQ(net::URLRequestStatus::SUCCESS
,
573 safe_browsing_helper
->FetchDBToVerify(test_server(), step
));
574 EXPECT_GT(safe_browsing_helper
->response_data().size(), 0U);
578 // Verifies with server if test is done and waits till server responses.
579 EXPECT_EQ(net::URLRequestStatus::SUCCESS
,
580 safe_browsing_helper
->VerifyTestComplete(test_server(), last_step
));
581 EXPECT_EQ("yes", safe_browsing_helper
->response_data());